
package nl.moviefan.site.authentication;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;

/**
 * Entrypoint need for securing a RESTful webservice with Spring Security
 * 
 */
@Component
public class RestAuthenticationEntryPoint implements AuthenticationEntryPoint{
 
    //by default spring returns a HTTP 302 "Temporarily moved" when authentication fails. 
    //Override authException return message to return a HTTP 401 "Unauthorized" instead.
   @Override
   public void commence( HttpServletRequest request, HttpServletResponse response, 
    AuthenticationException authException ) throws IOException{
      response.sendError( HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized" );
   }
}